When you are trying to build a secure website or web application, it helps to see the problem through the eyes of a hacker! ABC's Of How To Hack & Defend A Website is a 3 hour video course designed to review key web technologies, exploitation techniques and how to find vulnerabilities. The course contains several hands-on exercises and ends with a Capture The Flag (CTF) competition. This course has been pre-approved by CompTIA to receive 3 CEU's for Security+ certificate holders.
The course covers:
Basic web application technologies, including Web Servers, Client-Side vs. Server-Side Programming Languages, Databases and their related workflow.
We then use several useful hacking tools, such as Burp Suite and the Damn Vulnerable Web Application (DVWA) to understand HTTP and POST and GET requests.
We take a closer look at the Burp Suite Site Map and Spider, and cover how to bypass Client-Side Controls, Cross-Site Scripting (XSS), and how to use Stored XSS to deface a website; in the final section we discuss how to actually find these vulnerabilities by offering a simple step-by-step process.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.